RSS FullRecent Posts
Recent Comments
- luca on XSS in mysql_error()
- Jacob Tuscon on SQL Power Injector 1.2 released - TechRepublic
- MySQL Security » MySQL Security Update Fixes Restrictions Bypass and Library … on MySQL Security Update Fixes Restrictions Bypass and Library ...
Browse by Tag
ajax blog blog archive categories code css database database security development exploit flat google guitar hosting html injection internet javascript Links linux menu mysql MySQL Security mysql shell new news oracle password php php mysql security programming really simple syndication registerwidget search security select seo server software sql sql injection technology update utf vulnerability web widgetinfo widgetmanager wordpress xmlNetClassifieds [multiple vulnerabilities]
Filed under netclassifieds, multiple, parameter, bugtraq-security-focus, default
I wont past every line of this code , because EVERY parameter is vulnerable to sql injection , XSS , full path … ===== 4)proof of concept =====. exemple of exploitation : 1) http://site.com/ViewCat.php?CatID=-8+union+select+1,email …
Read the original:
NetClassifieds [multiple vulnerabilities]
June 21st, 2007. Comment now »
